From e7d19c9b443b5afc5842c3b78182c2919ca18ea2 Mon Sep 17 00:00:00 2001
From: Felipeek <felipeek@hotmail.com>
Date: Fri, 6 Sep 2024 12:08:52 -0300
Subject: [PATCH] fix: avoid never ending loop when peer sends close notify
 during TLS handshake

---
 java/src/main/java/org/wildfly/openssl/OpenSSLSocket.java | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/java/src/main/java/org/wildfly/openssl/OpenSSLSocket.java b/java/src/main/java/org/wildfly/openssl/OpenSSLSocket.java
index 36fc7e0e..3946e729 100644
--- a/java/src/main/java/org/wildfly/openssl/OpenSSLSocket.java
+++ b/java/src/main/java/org/wildfly/openssl/OpenSSLSocket.java
@@ -303,6 +303,10 @@ private void runHandshake() throws IOException {
                 if (write) {
                     buffer.clear();
                     result = sslEngine.wrap(EMPTY_DIRECT, buffer);
+                    if (result.getStatus() == SSLEngineResult.Status.CLOSED) {
+                        close();
+                        throw new SSLException(MESSAGES.connectionClosed());
+                    }
                     if (result.bytesProduced() > 0) {
                         buffer.flip();
                         try (DefaultByteBufferPool.PooledByteBuffer indirectPooled = DefaultByteBufferPool.HEAP_POOL.allocate()) {
@@ -336,6 +340,10 @@ private void runHandshake() throws IOException {
                                 buffer.put(indirectPooled.getBuffer());
                                 buffer.flip();
                                 result = sslEngine.unwrap(buffer, unwrappedData.getBuffer());
+                                if (result.getStatus() == SSLEngineResult.Status.CLOSED) {
+                                    close();
+                                    throw new SSLException(MESSAGES.connectionClosed());
+                                }
                                 if(result.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                                     underflow = true;
                                 }